2 files changed, 13 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index d5ad8cb7df..089d34097f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+Mon Jun 30 10:28:33 2008  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* ext/syslog/syslog.c (syslog_write): syslog operations should be
+	  protected from $SAFE level 4.  a patch from Keita Yamaguchi
+	  <keita.yamaguchi at gmail.com>.
+
+	* ext/syslog/syslog.c (mSyslog_close): ditto.
+
+	* ext/syslog/syslog.c (mSyslog_set_mask): ditto.
+
 Mon Jun 30 03:01:35 2008  Yusuke Endoh  <mame@tsg.ne.jp>
 
 	* test/net/http/test_http.rb (_test_request__file): specify encoding
diff --git a/ext/syslog/syslog.c b/ext/syslog/syslog.c
index 4ac645969d..4503e35461 100644
--- a/ext/syslog/syslog.c
+++ b/ext/syslog/syslog.c
@@ -22,6 +22,7 @@ static void syslog_write(int pri, int argc, VALUE *argv)
 {
     VALUE str;
 
+    rb_secure(4);
     if (argc < 1) {
         rb_raise(rb_eArgError, "no log message supplied");
     }
@@ -38,6 +39,7 @@ static void syslog_write(int pri, int argc, VALUE *argv)
 /* Syslog module methods */
 static VALUE mSyslog_close(VALUE self)
 {
+    rb_secure(4);
     if (!syslog_opened) {
         rb_raise(rb_eRuntimeError, "syslog not opened");
     }
@@ -132,6 +134,7 @@ static VALUE mSyslog_get_mask(VALUE self)
 
 static VALUE mSyslog_set_mask(VALUE self, VALUE mask)
 {
+    rb_secure(4);
     if (!syslog_opened) {
         rb_raise(rb_eRuntimeError, "must open syslog before setting log mask");
     }